In the first half of July 2023, I collected 161 events (corresponding to 10.73 events per day), a number that, despite being significantly lower than the two timelines of June (part I and part II), with 12.27 and 12 events per day respectively, confirms the sustained trend of mid-2023, fueled by the exploitation at scale of the CVE-2023-34362 MOVEit vulnerability by the Clop (AKA Cl0p) ransomware group.

Consequently, attacks exploiting vulnerabilities remained at the top of the attack techniques, with a new record of 36% (58 out of 161 events), beating the previous value of 29.8% (53 out of 178 events) recorded during the second half of June. The other obvious consequence was the increase in the percentage of events directly or indirectly characterized by ransomware, which soared to 44.72% (72 out of 161 events), up from 40.3% (72 out of 178 events) in the previous timeline, and again a new record.

The fintech sector was under considerable pressure during the first half of July, with multiple massive hacks (translating into multiple dollar losses) hitting several organizations, some of which were hit twice during this fortnight, such as Multichain (which lost a total of 228 million dollars' worth, although it is not clear whether the incidents were real cyber attacks or a rug pull) or even Rodeo Finance, which lost the equivalent of “only” 1.5 million dollars. Another fintech company hit hard was Poly Network, which lost the equivalent of 4.4 million dollars, and at the same time the Financial Times revealed that in early 2022, threat actors exploited a zero-day flaw in Revolut to steal more than $20 million.

In terms of mega breaches, the personal information of nearly 35 million Indonesian passport holders was put up for sale on the dark web for $10,000 by a notorious hacktivist with the moniker of Bjorka, while HCA Healthcare disclosed a data breach impacting an estimated 11 million patients.

The Cyber Espionage front was quite crowded this fortnight, with multiple high-profile campaigns unearthed, carried out against organizations in Ukraine by known threat actors such as Gamaredon and GhostWriter. Other interesting events, just to mention a few, include a campaign dubbed SmugX carried out by a Chinese threat actor and targeting embassies and foreign affairs ministries in multiple countries, the supply chain attack against JumpCloud by the North Korean Lazarus Group, the attack launched by RomCom against the NATO Summit attendees, the campaign launched by the Iranian Charming Kitten against experts in Middle Eastern affairs and nuclear security, and the widespread attack, orchestrated by a Chinese group dubbed Storm-0558 against 25 organizations worldwide, including U.S. and Western European government agencies, using forged authentication tokens.

In terms of hacktivism: the Cyber Partisans attacked the largest university in Belarus (Belarusian State University – BSU), the Ukrainian IT Army took down the Russian state-owned railway company RZD, SiegedSec continued their campaign against the U.S., and KromSec leaked the personal information belonging to more than 1,100 employees of the French Ministry of Justice.

My suggestion is always the same: browse the timeline, and obviously thanks for sharing it and supporting my work in spreading risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on LinkedIn, for the latest updates.
